One-time logon method for distributed computing systems

ABSTRACT

Prior to authentication, a business system generates a password list and sends the password list to a commercial service system. A request for use of the commercial service system is sent from a terminal that a user is using to the business system. In response, the business system that received the request for use checks the user's commercial service use authority. A password is selected from the password list and returned to the terminal. The terminal sends the returned password to the commercial service system. The commercial service system compares the password with the passwords in accounting information that includes the password list. If they match, login is permitted and the used password is nullified.

BACKGROUND OF THE INVENTION

[0001] The present invention relates to a login authentication technique that allows a user who is using a business system to use a commercial service system safely and enables multiple users who are using the business system to share an account of the commercial service system.

[0002] At present, a user frequently uses various commercial services via an intranet business system and the Internet at the same time. The intranet business system performs login authentication to enable processing in accordance with the user's official authority. However, if a service via the Internet is charged for, login authentication is also required to use that service. The following requirements apply to the use of these multiple systems.

[0003] (1) When a user uses a commercial service system from inside an enterprise, the user need not be aware of which system or service the user is using. That is, the login authentication of the commercial service system need not be performed explicitly.

[0004] (2) Because the in-house users who can use a commercial service system must be limited in accordance with their official authority, the security of the information about login authentication (the accounting information) must also be considered. That is, even if a password is leaked to another user, the password is rejected by the login authentication.

[0005] (3) Because a business system that is already operating may be linked to a commercial service, the load on the business system must be minimized.

[0006] (4) Because it is mostly unrealistic from the standpoint of accounting to secure a separate account for every in-house user who uses a commercial service, multiple in-house users must be able to share an account.

[0007] To satisfy requirement (1), a method is considered in which a special key, generated in accordance with a protocol arranged between a business system and a service system, is transferred to a client (terminal) so that the commercial service can be used directly from the client. In this case, to satisfy requirement (2), a fixed user ID and password of the kind used in normal login authentication cannot be used as the key. To realize the above login authentication function, use of what is called a one-time password is considered. The prototype of the one-time password is Lamport's hash algorithm, described in 'Password Authentication with Insecure Communication' by Leslie Lamport, Communications of the ACM, Volume 24, Issue 11 (November 1981), pages 770 to 772.

SUMMARY OF THE INVENTION

[0008] In Lamport's hash algorithm, the password to be used next is determined by inquiring a numerical value n that indicates how far the password sequence has been consumed, and the service system side need store only this n and the corresponding hash value. However, applying this one-time password to the business system and the commercial service system raises the following two problems.

[0009] The first problem is that, because communication between the business system and the service system follows Lamport's hash algorithm, communication between the two systems has to take place multiple times, thereby increasing the load on the business system.

[0010] The second problem is that only one hash value is stored on the service side, so one account cannot be used by multiple persons at the same time.

[0011] An object of the present invention is to provide a login authentication method that reduces traffic and enables concurrent use of one account by multiple persons, and a system that implements it.

[0012] According to the method described in the first aspect of the present invention, the communication that inquires how far a password has been used at present need not be performed, so traffic can be reduced. Further, according to the method described in claim 2 or 3, all passwords have previously been sent to the commercial service system, so multiple persons can perform login processing at the same time.

BRIEF DESCRIPTION OF THE DRAWING

[0013] FIG. 1 is a general drawing of a processing method according to one example of the present invention.

[0014] FIG. 2 is a block diagram of the password list of the present invention.

[0015] FIG. 3 is a general drawing of the processing method in the accounting information of the present invention.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0016] One embodiment of the present invention is described below.

[0017] FIG. 1 shows a general drawing of a processing method according to one example of the present invention. In an enterprise, there are a business system 1 and a client 3 (terminal or computer) that a user uses. The user logs in to the business system 1. Further, the user also uses a service system that exists at an external commercial service site. The commercial service system has accounting information 41 for every user in order to manage the users. The case where multiple users share and use this accounting information 41 is considered.

[0018] Prior to login authentication, a password list 40 is generated in the business system. There are N passwords in this password list 40. Here, each individual password is assumed to be generated from a random number. This password list 40 is sent 500 to the service system 2 and stored in the password field of the accounting information 41. Further, each password is paired with a flag that indicates whether this password is already used or unused. The initial value of this flag is unused. When the user uses a commercial service, the user sends 501 a request for use of the commercial service system 2 from the client 3 that the user is using to the business system 1.

[0019] The business system 1 that received the request for use checks 502 the commercial service use authority of the user. If the use authority is granted, any password 401 is selected 503 from the password list 40 and returned 504 to the client.

[0020] To prevent the selected password from being allocated to a client again, the selected password is eliminated from the password list, or the line for the selected password is made blank.

[0021] The client 3 sends 505 the returned password to the commercial service system 2. The commercial service system 2 makes a comparison 506 with the passwords within the accounting information 41, and permits login if a matching password (411 in this case) is found. Further, the commercial service system 2 changes the flag paired with the used password to used in order to nullify 507 the used password.

[0022] In the series of processing described above, login authentication to one account can be performed by multiple users at the same time, because a different password is always allocated to each user.
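The first embodiment (steps 500 to 507) as an added example that is not part of the patent: the business system holds the random password list and the use authority, the service system holds the accounting information as a password-to-used-flag map, and the scenario shows two users sharing one account concurrently while a replayed or unknown password is rejected. The user names, the list size of 4, and hex tokens as "random number" passwords are assumptions of this example.

```python
import secrets

class BusinessSystem:
    """Intranet side: password list 40 and the users' commercial service use authority."""
    def __init__(self, n_passwords, authorised_users):
        self.password_list = [secrets.token_hex(16) for _ in range(n_passwords)]  # random, [0018]
        self.authorised = set(authorised_users)

    def export_list(self):          # step 500: the whole list is sent before any authentication
        return list(self.password_list)

    def request_use(self, user):    # steps 501-504: check authority, select, remove from the list
        if user not in self.authorised or not self.password_list:
            return None
        return self.password_list.pop()

class CommercialServiceSystem:
    """Service side: accounting information 41, password -> used flag."""
    def __init__(self, password_list):
        self.accounting = {pw: False for pw in password_list}   # initial flag value: unused

    def login(self, password):      # steps 505-507: compare, permit, nullify
        if self.accounting.get(password) is not False:          # unknown, or flag already used
            return False
        self.accounting[password] = True
        return True

def run_scenario():
    biz = BusinessSystem(4, {"alice", "bob"})          # constructed users and list size
    svc = CommercialServiceSystem(biz.export_list())
    pw_a, pw_b = biz.request_use("alice"), biz.request_use("bob")   # two concurrent requests
    return {
        "distinct": pw_a != pw_b,                      # each user receives a different password
        "alice": svc.login(pw_a),
        "bob": svc.login(pw_b),                        # same account, both logged in at once
        "replay": svc.login(pw_a),                     # nullified password is rejected
        "unauthorised": biz.request_use("carol"),      # no use authority: no password issued
        "unknown": svc.login("not-in-list"),           # never in the list: rejected
        "remaining": len(biz.password_list),
    }
```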

[0023] One embodiment was described above; as a modification of it, an example in which a one-time password algorithm is modified and applied to the processing method of the present invention is described below.

[0024] A second example, in which the password list 40 of the first example is replaced, is described using the password list of FIG. 2. At this point, each individual password is generated by sequentially applying a hash function to an optional initial value r. Here, Hash[n](r) 402 indicates the result of applying the hash function to r n times (402).

[0025] Prior to login authentication, the business system sends 500 only the total applicable number of times N of the hash function and Hash[N](r) to the service system 2.

[0026] A third example, in which the accounting information 41 of the first example is replaced, is described using the accounting information of FIG. 3. Here, each password stores the applicable number of times of the hash function and is paired with a flag that indicates whether this password is already used or unused (412). In the initial state, the accounting information stores Hash[N](r), N, and only an unused flag.

[0027] When a request for use of a commercial service is received from a user, the password selection processing 503 of the business system 1 allocates passwords sequentially, starting from the password whose applicable number of times n is highest.

[0028] The return processing 504 to the client also returns the password 402 together with the applicable number of times n. The comparison processing 506 in the commercial service system 2 computes Hash[N-n](password), that is, it applies the hash function to the password Hash[n](r) sent from the client only as many times as the applicable number of times n subtracted from the total number of applicable times N, compares the result with the numerical value Hash[N](r), and permits login if they match.

[0029] An example for reducing the computational complexity of the hash function in the commercial service system 2 is shown. Because the comparison processing 506 in the commercial service system 2 performs a computation in which the hash function is applied multiple times, each intermediate result is added to the accounting information 41. Here, when the computation is carried out only until the applicable number of times reaches m, the computation of the hash function yields Hash[m-n](password), and the result is compared with Hash[m](r). On this occasion, the intermediate results from the applicable number of times n to m are stored. Subsequently, in the comparison processing of a password whose applicable number of times is higher than n and lower than m, the hash function is not computed.
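The hash chain variant of paragraphs [0024] to [0029] as an added example that is not the patent's own code: the service side starts from only N and Hash[N](r), verifies a submitted Hash[n](r) by hashing it up to the nearest retained value Hash[m](r), retains the intermediate results, and then accepts the passwords with n between the earlier n and m without any hashing. SHA-256 as the hash function, N = 8, and the order in which the sharing users log in are assumptions of this example; the counter of hash calls exists only to make the saving visible.

```python
import hashlib, hmac, secrets

def h(x):
    return hashlib.sha256(x).digest()       # one-way function; SHA-256 is an assumption here

def hash_n(r, n):
    for _ in range(n):                      # Hash[n](r): the hash applied to r exactly n times
        r = h(r)
    return r

class CommercialServiceSystem:
    """Accounting information of FIG. 3: retained Hash[k](r) values plus used flags by n."""
    def __init__(self, total_n, top):
        self.N, self.known, self.used, self.hash_calls = total_n, {total_n: top}, set(), 0

    def login(self, password, n):
        if n in self.used or not 0 <= n < self.N:
            return False                    # nullified password, or n outside the chain
        if n in self.known:                 # result already retained: no hash computation
            ok, chain = hmac.compare_digest(password, self.known[n]), {}
        else:
            m = min(k for k in self.known if k > n)   # nearest retained result above n
            chain, value = {n: password}, password
            for k in range(n + 1, m + 1):             # computes Hash[m-n](password)
                value = h(value)
                self.hash_calls += 1
                chain[k] = value
            ok = hmac.compare_digest(value, self.known[m])
        if ok:                              # retain intermediates n..m and set the used flag
            self.known.update(chain)
            self.used.add(n)
        return ok

def run_scenario(total_n=8):
    r = secrets.token_bytes(16)             # constructed initial value r, kept on the business side
    svc = CommercialServiceSystem(total_n, hash_n(r, total_n))   # step 500: only N and Hash[N](r)
    pw = lambda n: (hash_n(r, n), n)        # step 504: the business side returns Hash[n](r) and n
    out = {}
    out["login_5"] = svc.login(*pw(5))      # hash applied 3 times, values for 5..8 retained
    out["calls_a"] = svc.hash_calls
    out["login_7"] = svc.login(*pw(7))      # 6 and 7 lie between 5 and 8: no hashing at all
    out["login_6"] = svc.login(*pw(6))
    out["calls_b"] = svc.hash_calls
    out["replay_6"] = svc.login(*pw(6))     # used flag set: rejected
    out["forged_4"] = svc.login(b"\0" * 32, 4)   # wrong value: one call, nothing retained
    out["login_4"] = svc.login(*pw(4))      # one call, compared against retained Hash[5](r)
    out["calls_c"] = svc.hash_calls
    return out
```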

[0030] A user can use a business system and a commercial service system without needing to be aware of which system or service the user is using.

[0031] A business restriction such as "Only a specific user can use a commercial service" can be enforced safely.

[0032] The traffic between the business system and the commercial service system can be reduced.

[0033] Further, one account of the commercial service system can be shared by multiple persons.

[0034] As a result, the traffic is reduced and concurrent use of one account by multiple persons is enabled.

1. A login authentication method of a user who uses a business system and a commercial service system, comprising the steps of: sending a request for use of said commercial service system from a terminal that the user is using to said business system, when the user who logs in said business system uses said commercial service system, with respect to the user; checking a commercial service use authority of the user, and returning selects one password from a password list created prior to authentication to said terminal, with respect to said business system that received the request of use; sending the returned password to said commercial service system, with respect to said terminal; and comparing the password with accounting information created prior to the authentication, permitting login when they match, and nullifying said used password, with respect to said commercial service system.

2. The login authentication method according to claim 1, wherein said business system generates said password list using a random number, sends said password list to said commercial service system, and creates accounting information.

3. The login authentication method according to claim 1, wherein said commercial service system generates said accounting information using a random number, sends said accounting information to said business system, and creates said password list.

4. The login authentication method according to claim 1, wherein said business system generates said password list using a numerical value to which an optional numerical value and a one-way function were applied sequentially, sends the applicable number of times of said one-way function and the numerical value of a sequentially applied final result to said commercial service system, and creates said accounting information, and when use of a commercial service system is requested from said terminal, said business system returns a password and the applicable number of times of said one-way function to said terminal, compares the result in which said one-way function was applied to the password sent from said terminal only for a part in which the applicable number of times of said one-way function to said password was subtracted from the applicable number of times of said final result, with the numerical value of said final result in said accounting information when login permission in said commercial service system is determined, and permits login if they match.

5. The login authentication method according to claim 4, wherein the numerical value of the sequentially applied result is retained when the login permission in said commercial service system is determined thereby to apply it to the result in which the numerical value was retained for the part of the applicable number of times of said one-way function of the retained result was subtracted from the applicable number of times of said one-way function of a determining password.

6. A login authentication program of a user who uses a business system and a commercial service system, comprising the steps of: sending a request for use of said commercial service system from said terminal that the user is using to said business system when the user who logs in said business system uses said commercial service system; checking a commercial service use authority, selecting a password from a password list created prior to authentication, and returning the password to said terminal with respect to said business system; sending the returned password to said commercial service system with respect to said terminal; and comparing the password with accounting information created prior to authentication, permitting login when they match, and nullifying said used password with respect to said commercial service system.

7. The login authentication program according to claim 6, further comprising the step of allowing said business system to generate said password list using a random number, send said password list to said commercial service system, and create said accounting information.

8. The login authentication program according to claim 6, further comprising the step of allowing said commercial service system to generate said accounting information using a random number, send said accounting information to said business system, and create said password list.

9. The login authentication program according to claim 6, further comprising the steps of: allowing said business system to generate said password list using a value to which an optional value and a one-way function are applied sequentially, send the applicable number of times of said one-way function and a numerical value of the sequentially applied final result, and create said accounting information; and allowing said business system to return a password and the applicable number of times of said one-way function to said terminal when use of a commercial service system is requested from said terminal, compare a result in which said one-way function was applied to the password sent from said terminal only for a part in which the applicable number of times of said one-way function for the password was subtracted from the applicable number of times of said final result, with the numerical value of said final result in said accounting information, and permit login if they match.

10. The login authentication program according to claim 9, further comprising the step of retaining the value of the sequentially applied result when the login permission in said commercial service system is determined thereby to apply it to the result in which the numerical value was retained for the part in which the number of times of said one-way function of the retained result was subtracted from the applicable number of times of said one-way function of a determining password.